On September 7, 2017, Equifax announced that it was a victim of a major data breach potentially impacting about 145.5 million U.S. consumers. CITP, in collaboration with Fordham University’s Center on Law and Information Policy, presents a panel discussion and analysis of the Equifax breach from a technological, financial, legal and regulatory perspective. Experts from each of these disciplines will discuss existing shortcomings and vulnerabilities that led to this breach, the impact of this breach and recommendations for minimizing future attacks and data breaches.

Moderator:

Edward W. Felten is the director of CITP, the Robert E. Kahn Professor of Computer Science and Public Affairs, and the director of the Program in Technology and Society, Information Technology track at Princeton University. He served at the White House as the deputy U.S. chief technology officer from June 2015 to January 2017. Ed was also the first chief technologist for the Federal Trade Commission from January 2011 until September 2012. His research interests include computer security and privacy, and public policy issues relating to information technology. Specific topics include software security, Internet security, electronic voting, cybersecurity policy, technology for government transparency, network neutrality and Internet policy.

Ed often blogs about technology and policy at Freedom to Tinker.

Panelists:

Kent Anderson is an associate in Brach Eichler’s Litigation Practice Group. He is also a Certified Information Privacy Professional/United States (CIPP/US).

Prior to joining Brach Eichler, Kent served as a deputy attorney general in the State of New Jersey Office of the Attorney General, Division of Law. As a member of the Government & Healthcare Fraud Section, Kent investigated and prosecuted government contractor fraud and data privacy/cybersecurity consumer fraud matters. Kent acted as both lead and co-counsel in federal-state, multi-state and New Jersey-initiated investigations into potential violations of the New Jersey False Claims Act, New Jersey Consumer Fraud Act, Identity Theft Prevention Act, Computer Related Offenses Act, HIPAA/HITECH and COPPA, among other laws. He has experience with False Claims Act cases involving major financial institutions, pharmacy benefit managers, pharmaceutical companies, health care providers and health insurance companies, as well as data privacy cases involving the retail and health care industries, data aggregators, and consumer-facing websites/devices. While at the Division of Law, Kent also served as a member of the attorney general’s cyber working group, which coordinates the State’s approach to cyber issues across criminal/civil law enforcement. Kent was awarded a 2017 Attorney General’s Award for Outstanding Contribution by a New Employee.

Marshini Chetty is a research scholar in the Department of Computer Science at Princeton University specializing in human computer interaction and ubiquitous computing. Marshini designs, implements, and evaluates technologies to help users manage different aspects of Internet use from security to performance. She often works in resource constrained settings and uses her work to help inform policy. She has a Ph.D. in human-centered computing from Georgia Institute of Technology, USA and a Masters and Bachelors in computer science from University of Cape Town, South Africa. Her passions are all things broadband related and trying to make the world a better place, one bit at a time.

Sanjay Gupta is executive vice president and head of model development at PNC Bank. He is responsible for the development of the quantitative models for reserves, capital, stress testing, customer acquisition and operational risk for PNC Bank.

Previously he led Wholesale Analytics at HSBC USA and was the head of RiskTech, a boutique risk consulting company. He has also worked with a number of top tier financial services firms in US, Europe and Asia in his previous consulting work at Ernst and Young and A.T. Kearney.

He has worked extensively in the areas of quantitative modeling, credit risk, model validation; and risk governance. He has a Masters in finance from Carnegie Mellon University, an MBA from Indian Institute of Management, Calcutta and B Tech from Indian Institute of Technology, Delhi, India.

He has presented his work on risk management and quantitative modeling at conferences sponsored by Federal Reserve Bank, Moody’s, SAS and other industry forums. He has also spoken to students at top US universities e.g. University of Chicago, Columbia, Carnegie Mellon University, Case Western University, Georgia Tech etc regarding practical risk management and modeling issues.

Joel Reidenberg is a professor at Fordham Law School where he is a leading international scholar in internet law, privacy, and cybersecurity. Reidenberg was CITP’s inaugural Microsoft Visiting Professor of Information Technology Policy for 2013-2014 and a visiting research collaborator from 2014 to 2018. While visiting CITP, he collaborated on research with the CITP community and taught an undergraduate course on internet law and policy, which he still teaches every spring for the Woodrow Wilson School. At Fordham he holds the Stanley D. and Nikki Waxberg Chair, and he is the founding academic director of the Center on Law and Information Policy. He received his A.B. from Dartmouth, J.D. from Columbia and Ph.D. from the Universite de Paris-Sorbonne.